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Final rejection 
Response to the applicant's amendments 

1. Applicants argument/amendments with respect to amended claims 1, 3, 6, 7, 9, and 13 
and original claims 2, 4-5, 8, 10-12, and 14-22 filed on June 27, 2001 have been fully considered 
but are not persuasive. The examiner would like to point out that this action is made final (MPEP 
706.07a). 

2. The examiner withdraws the objected drawings. 

Response to the applicant's argument 

3. Applicant argues that Coley et al. does not teach or suggest: 

a. the claimed firewall to selectively perform a disconnection function for an access 
request to the external network from the internal network, 

b. the claimed FTP proxy for performing an authentication function for an access 
request from the internal network to the external network, 

c. Nagar et al. and Gupta et al. also do not or suggest these features. 

4. However, Examiner disagrees with applicant. 

Regarding argument (a) the examiner never cited Coley et al. for teaching a "firewall to 
selectively perform a disconnection function for an access request to the external network 
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from the internal network". Instead the examiner cited "Coley et al. and Gupta et al. do 
not explicitly teach an access request from the internal network to the external network" 
page 4. The examiner cited, as the applicant claimed the first limitation of claim 1, "a 
firewall (Coley et al. Fig. 3 No. 318) between an internal network (Coley et al. Fig. 3 No. 
328) and an external network (Coley et al. Fig. 3 No. 306), to selectively perform a 
disconnection function for an access request to the internal network from the external 
network" (Coley Col. 6 lines 7-23; and more citations as the applicant pointed out: col. 7 
lines 16-19, col. 8 lines 51-53, col. 8 lines 65-66, and col. 10 lines 46-48). 

Regarding argument (b) a FTP proxy to perform an authentication function for an access 
request (Coley et al. Col. 8 lines 64-col. 9 lines 34; proxy agent verifies the incoming 
access request) and Nagar et al. teaches forward filtering or a proxy server filtering 
requests originating from within internal network/Intranet that are destined for external 
network/Internet (Nagar et al. Col. 4 lines and Fig. 2). 

Regarding argument (c) the combination of Coley et al., Gupta et al. and Nagar et al. 
teach all the subject matter. A FTP proxy to perform an authentication function for an 
access request (Coley et al. Col. 8 lines 64-col. 9 lines 34; proxy agent verifies the 
incoming access request) and Nagar et al. teaches forward filtering or a proxy server 
filtering requests originating from within internal network/Intranet that are destined for 
external network/Internet (Nagar et al. Col. 4 lines and Fig. 2). 
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Therefor, the application of the prior art in relation to the claimed invention is appropriate 
and the argument is not convincing. 



Claim Rejections - 35 USC §103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1-4 are rejected under 35 U.S.C. 103(a) as being unpatentable over Nagar et al 
(Nagar, U.S. Patent No. 6,604,143 Bl) in view of Coley et al. (Coley, U.S. Patent No. 6,061,798) 

6.1 As per claim 1, Nagar teaches a protective device for internal resource protection in a 
network, comprising: 

a firewall (Nagar Fig. 2 No. 214) between an internal network (Nagar Fig. 2 No. 202; 
intranet) and an external network (Nagar Fig. 2 No. 204; internet), to selectively perform a 
disconnection function for an access request to the external network from the internal network 
(Nagar Col. 4 lines 62-col. 5 lines 6); 

a FTP proxy (Nagar Fig. 2 No. 224) to perform an authentication function for an access 
request from the internal network to the external network (Nagar Col. 4 lines 62-col. 5 lines 48) 
and to record copies of data transmitted to the external network (Nagar Col. 5 lines 32-48); and 
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a file system to store data transmitted from the internal network to the external network 
according to the control of the FTP proxy (Nagar Col. 5 lines 32-48 and fig. 2 No. 242); 

Nagar does not explicitly teach a database to store log information related to the 
transmission of data according to the control of the FTP proxy by an authenticated user. 

However Coley discloses a database to store transaction log that gathers information 
associated with any access request message seeking to connect to or inquire about network 
elements residing behind the firewall (Coley Col. 13 lines 24-36). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Coley within the system of Nagar because it 
would store information like the identity of the machine from which the request originated, IP 
address which Internet port system did the request originate over, destination address, time of 
access, and identity of user to identify the identity of the user/hacker and enhance security (Coley 
Col. 13 lines 24-37). 

6.2 As per claim 2, Coley, and Nagar teach all the subject matter as described above. In 
addition Coley teaches the device, further comprising a proxy monitor configured to display the 
log information outputted from the FTP proxy (Coley col. 6 lines 7-24, col. 9 lines 1-34, col. 13 
lines 24-37). 
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6.3 As per claim 3, Coley, and Nagar teach all the subject matter as described above. In 
addition Nagar teaches the device, wherein a client connects 

to a FTP server of the external network through the FTP proxy (Nagar Col. 4 lines 56-67). 

6.4 As per claim 4, Coley, and Nagar teach all the subject matter as described above. In 
addition Coley teaches the device, wherein the log information comprises a file name and 
absolute path of the file data to be stored in the FTP server, and a file name and absolute path of 
the file data logged on the FTP proxy (Coley Col. 13 lines 24-35; Coley teaches a transaction log 
(information of user data transmitted) that gathers information associated with any access request 
message, therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to have log information that comprises a file name and absolute path of 
the file data to be stored in the FTP server, and a file name and absolute path of the file data 
logged on the FTP proxy because it would help to monitor the transmitted data file name, and 
path on the proxy). 

7. Claims 5-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Coley et al. 
(Coley, U.S. Patent No. 6,061,798) in view of Gupta et al. (Gupta, Pub. No. US 2001/0020242 
Al), and in further view of Nagar et al. (Nagar, U.S. Patent No. 6,604,143 Bl) 

7. 1 As per claim 5, Coley teaches a method for protecting internal resources in a network, 
comprising: 

determining whether an access request is permitted or not (Coley Fig. 4B No. 428); 
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receiving a service command (Coley Fig. 4B No. 436); and 
if the received service command is a command requesting data transmission, 
transmitting data from the internal user (Coley Col. 8 lines 29-44); 

Coley does not explicitly teach if the received service command is a command 
designating a type of data, storing the designated type of data; and 
recording the transmission and reception of service; 

However Gupta teaches storing different information in the proxy database when a 
request is transmitted from the client that reads on if the received service command is a 
command designating a type of data, storing the designated type of data (Gupta Page 4 col. 0057; 
it would have, been obvious to one having ordinary skill in the art at the time of the invention was 
made to store the designated type of data if the received service command is a command 
designating a type of data because it would help to identify the file data according to its data 
type); and 

recording the transmission and reception of service (Gupta Page 4 par. 0057). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Gupta with in the system of Coley because it 
would allow the proxy to access the time that the user spends on particular website (Page 4 Par. 
0057). Therefore it is obvious to have a file system to store data transmitted from the internal 
network to the external network according to the control of the FTP proxy because it would 
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allow the operator to monitor which file has been transmitted by what user, and access requests 
from the internal network to the external network; 

Coley and Gupta do not teach accessing an external network from an internal user of an 
internal network; 

connecting to a server located in the external network if the access request is permitted; 

and 

receiving a service command from the internal user. 

However, Nagar teaches accessing an external network from an internal user of an 
internal network (Nagar Col. 4 lines 56-67); 

connecting to a server located in the external network if the access request is permitted 
(Nagar Col. 4 lines 56-67; request from intranet user to internet server, Abstract; the request is 
then used to retrieve information from a server process); and 

receiving a service command from the internal user (Nagar Col. 4 lines 56-67; proxy 
receives request command from intranet user to access the internet server). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to apply the teachings of Nagar within the system of Gupta and Coley 
and have a proxy server between an internal and an external network that performs 
authentication of an internal network users request to access an external network and 
transmission of data by an authenticated user, and to have database to store log files, and file 
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system to store copies of data transmitted because it would authenticate a request from an 
internal network users to accessing an external server data. 

7.2 As per claim 14, Coley teaches a method for protecting internal resources in a network, 
comprising: 

giving a user of a local network in which a firewall is built a proper ID and host 
information (Coley Col. 7 lines 66-coL 8 lines 18, Fig. 4B; an external network user is given an 
ID and host information to required to enter id and host information therefore it would have been 
obvious to one having ordinary skill in the art to give a proper ID to an internal network user 
because it would help to authenticate an internal user to access an external network); 

performing authentication (Coley Fig. 4B No. 428) and access control upon receiving a 
request for access (Coley Fig. 4B); and 

storing log information in a database (Coley Col. 13 lines 24-37); 

Coley do not explicitly teach teaches transmitting file data transmitted from the internal 
user to the server and storing copies of the transmitted file data; 

Gupta teaches transmitting file data transmitted from the internal user to the server and 
storing copies of the transmitted file data (Gupta Page 4 par. 0057); 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Gupta with in the system of Coley because it 
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would allow the proxy to access the time that the user spends on particular website (Page 4 Par. 
0057). Therefore it is obvious to have a file system to store data transmitted from the internal 
network to the external network according to the control of the FTP proxy because it would 
allow the operator to monitor which file has been transmitted by what user, and access requests 
from the internal network to the external network; 

Coley and Gupta do not explicitly teach teaches a request for access to an external 
network from the internal user; 

connecting to a server of the external network if an access to the external network is 
permitted; and 

receiving a service command from the internal user. 

However Nagar teaches a request for access to an external network from the internal user 
(Nagar Col. 4 lines 56-67); 

connecting to a server of the external network if an access to the external network is 
permitted (Nagar Col. 4 lines 56-col. 5 lines 48); 

receiving a service command from the internal user (Nagar Col. 4 lines 56-67). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to apply the teachings of Nagar within the system of Gupta and Coley 
and have a proxy server between an internal and an external network that performs 
authentication of an internal network users request to access an external network and 
transmission of data by an authenticated user, and to have database to store log files, and file 
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system to store copies of data transmitted because it would authenticate a request from an 
internal network users to accessing an external server data. 

7.3 As per claim 6, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein determining whether the access request is 
permitted comprises: 

determining whether an ID transmitted from a user is a registered ID or not (Coley Fig. 
4B No. 428; teaches determining whether an ID transmitted from the external user is a registered 
ID or not, it is obvious to determine whether an ID transmitted from the internal user is a 
registered ID or not); and 

controlling access by determining whether a host that has transmitted the 
access request is a registered host or not, if the ID is a registered ID (Coley Fig. 4B No. 
436; Coley discloses controlling access by determining whether a host that has transmitted the 
access request is a registered host or not, if the ID of the external user is a registered ID, it would 
have been obvious to one ordinary skill in the art at the time the invention was made to control 
access by determining whether a host that has transmitted the access request is a registered host 
or not, if the ID of the internal user is a registered ID). 

7.4 As per claim 7, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein controlling the access comprises: 

reading host information corresponding to the registered ID using the registered ID 
(Coley Fig. 4B No. 440, Col. 8 lines 64-col. 9 lines 34); 
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determining whether the host information read from the database and the 
host that has transmitted the access request are identical or not (Coley Col. 9 lines 1-43); 

permitting access if the two hosts are identical (Coley Col. 8 lines 64-col. 8 lines 34, Fig. 
4B No. 440) 

Nagar teaches reading host information corresponding to the registered ID from an 
internal database (Nagar Col. 4 lines 56-67); 

permitting access to the external network (Nagar Col. 4 lines 56-67) The rational for 
combining are the same as claim 1 above. 

7.5 As per claim 8, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein access control is not performed if the ID 
transmitted from the internal user is "Anonymous" (Coley Col. 6 lines 7-23, Fig. 4B No. 430). 

7.6 As per claim 9, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein of transmitting the data comprises: 

checking an ID if the received service command is a command requesting data 
transmission (Coley Col. 8 lines 29-44; Coley discloses checking an ID of the external user for 
transmission data request, it would have been obvious to check an ID of the internal user at the 
time of the invention was made because it would allow to authenticate an internal user from 
accessing external network); 

if the user ID is "Anonymous," interrupting the transmission of the received 
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service command to the external network (Coley Col. 6 lines 7-23); and 

if the user ID is a registered ID other than "Anonymous," transmitting the received 
service command and transmitting the data received (Coley Col. 6 lines 7-23; discloses if the 
user ID is a registered ID other than "Anonymous," transmitting the 
received service command to internal network and transmitting the data received from the 
external user to the internal user) 

7.7 As per claim 10, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein recording the transmission and reception of 
services comprises: 

receiving file data to be transmitted from the internal user to the external 
network (Coley Col. 8 lines 29-67); 

identifying the file data according to its data type to store the file data in the 
file system (Coley Col. 12 lines 65-col. 13 lines 15); and 

recording log information on the transmission of file data in a database (Coley Col. 13 
lines 29-49). 

7.8 As per claim 11, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein the filed data can be identified by the user as a 
designated data type or can be identified as a default data type (Coley Col. 12 lines 65-col. 13 
lines 15). 
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7.9 As per claim 12, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein the log information is recorded in the database 
(Coley Col. 13 lines 29-49) 

when all data (user request) to be transmitted from the internal user to the external 
network is transmitted (Nagar Col. 4 lines 56-67). The rational for combining are the same as 
claim 1 above. 

7.10 As per claim 13, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein the log information comprises a file name and 
absolute path of the file data to be stored in the FTP server, and a file name and absolute path of 
the file data logged on the FTP proxy (Coley Col. 13 lines 24-35; Coley teaches a transaction log 
(information of user data transmitted) that gathers information associated with any access request 
message, therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to have log information that comprises a.file name and absolute path of 
the file data to be stored in the FTP server, and a file name and absolute path of the file data 
logged on the FTP proxy because it would help to monitor the transmitted data file name, and 
path on the proxy). 

7.11 As per claim 1 5, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein the authentication and access control comprises: 
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determining whether the ID transmitted is a registered ID (Coley Fig. 4B No. 428; 
teaches determining whether an ID transmitted from the external user is a registered ID, it is 
obvious to determine whether an ID transmitted from the internal user is a registered ID); 

if the ID is registered, reading host information corresponding to the registered ID from 
the database (Coley Col. 8 lines 64-col. 9 lines 34, Fig. 4B No. 440); 

determining whether the host information read from the database and the 
host who has transmitted the access request are identical (Coley Col. 9 lines 1-43); 
and 

permitting access if the two hosts are identical (Coley Col. 8 lines 64-col. 8 lines 34, Fig. 
4B No. 440). 

Nagar teaches permitting access to the external network (Nagar Col. 4 lines 56-67) The 
rational for combining are the same as claim 1 above 

7.12 As per claim 16, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method of claim 14, wherein storing copies of the transmitted file 
data and log information comprises: 

receiving file data to be transmitted from the user to the external network (Coley Col. 8 
lines 29-67); 

identifying the file data according to a data type to thus store the file data 
in the file system (Coley Col. 12 lines 65-col. 13 lines 15); and 
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recording log information regarding the transmission of file data in a database (Coley 
Col. 13 lines 29-49). 

7.13 As per claim 17, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, wherein the log information comprises a user ID for 
performing file data transmission, a source IP address of the client being used by the internal 
user, a destination P address of the FTP server that receives the file data, a date and time of file 
data transmission, a file name and absolute path of the file data to be stored in the FTP server, 
and a file name and absolute path of the file data logged on the FTP proxy (Coley Col. 13 lines 
19-37). 

7.14 As per claim 18, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Gupta teaches the device, wherein the file system stores data according to a type of 
the data (Gupta Page 4 par. 0057). The rational for combining are the same as claim 1 above. 

7.15 As per claim 19, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Gupta teaches the device of claim 1 8, wherein the type of data is at least one of 
ASCII, EBCDIC, and Image (Gupta Page 4 par. 0057). 

7.16 As per claim 20, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition 
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the device, further comprising a client (Nagar Fig. 2 No. 216), coupled to the firewall and 
to the FTP proxy (Nagar Fig. 2 No. 214), to request FTP service from the external network 
(Nagar Col. 4 lines 56-67) if the FTP proxy successfully authenticates the client (Coley Fig. 4B) 
The rational for combining are the same as claim 1 above.. 

7.17 As per claim 21, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method further comprising outputting the login formation in a form 
recognizable to a system operator (Coley Col. 13 lines 19-37, col. 9 lines 1-36). 

7. 1 8 As per claim 22, Coley, Gupta, and Nagar teach all the subject matter as described above. 
In addition Coley teaches the method, further comprising outputting the log information in a 
form recognizable by a system operator (Coley Col. 13 lines 19-37, col. 9 lines 1-36). 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A Shiferaw whose telephone number is 703-305-0326. The 
examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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